performance issues and optimizations
play

Performance issues and optimizations Giles Reger University of - PowerPoint PPT Presentation

Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Performance issues and optimizations Giles Reger University of Manchester September 24, 2016 Optimising Parametric Trace Slicing


  1. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Brief Examples For every publisher there exists a subscriber that acknowledges every message the publisher sends ∀ publisher ∃ subscriber ∀ message publish ( publisher , message ) ack ( subscriber , message ) 1 2 3

  2. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools On Algorithms • These changes affect how the algorithms discussed in this and the previous lecture behave • The two main differences come from • Dealing with the general alphabet, especially the case where two symbolic events match the same concrete event • Dealing with free (unquantified) variables (and guards and assignments) • For time/space reasons we will not discuss QEAs further • In the next part we will assume the previous semantics

  3. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Optimising Parametric Trace Slicing In this part we will consider: • Extensions to the expressiveness of the theory • Indexing techniques to improve efficiency • Notions of redundancy that reduce the work required • Other pragmatic issues.

  4. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Previously. . . We saw an algorithm for monitoring JavaMOP properties. . . 1 ∆ : [ Bind ⇁ State ]; Θ : Bind ; 2 ∆ ← [ ⊥ → q 0 ] ; 3 foreach e ( θ ) ∈ τ in order do Θ ← dom (∆); 4 foreach θ ′ ∈ Θ do 5 if θ is consistent with θ ′ then 6 θ max ← θ ′ ; 7 foreach θ alt ∈ Θ do 8 if θ max ⊑ θ alt ⊑ θ † θ ′ then θ max = θ alt ; 9 ∆( θ † θ ′ ) ← δ (∆( θ max ) , e ) 10 11 return θ ∈ dom (∆) where ∆( θ ) is final

  5. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Previously. . . We saw an algorithm for monitoring JavaMOP properties. . . 1 ∆ : [ Bind ⇁ State ]; Θ : Bind ; • Let n = | dom (∆) | 2 ∆ ← [ ⊥ → q 0 ] ; on a given step 3 foreach e ( θ ) ∈ τ in order do • There are n 2 Θ ← dom (∆); 4 accesses to ∆ for foreach θ ′ ∈ Θ do 5 each event if θ is consistent with θ ′ then 6 θ max ← θ ′ ; 7 foreach θ alt ∈ Θ do 8 if θ max ⊑ θ alt ⊑ θ † θ ′ then θ max = θ alt ; 9 ∆( θ † θ ′ ) ← δ (∆( θ max ) , e ) 10 11 return θ ∈ dom (∆) where ∆( θ ) is final

  6. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Value-Based Indexing • The reason for the n 2 accesses is that we check every binding to see if it is relevant to the event • This is clearly inefficient • Instead, we can directly lookup relevant events by storing in a map, for each binding, those existing bindings that are relevant • This is called value-based indexing as we are indexing on the values (parameters) of the event

  7. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map

  8. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆

  9. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆ • ∆ should be ‘union-closed’ - if two compatible bindings are in ∆, their union should also be in ∆:

  10. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆ • ∆ should be ‘union-closed’ - if two compatible bindings are in ∆, their union should also be in ∆: This ensures that the most informative bindings are in ∆

  11. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆ • ∆ should be ‘union-closed’ - if two compatible bindings are in ∆, their union should also be in ∆: ∀ θ, θ ′ ∈ dom (∆) : compatible ( θ, θ ′ ) ⇒ θ ⊔ θ ′ ∈ dom (∆)

  12. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆ • ∆ should be ‘union-closed’ - if two compatible bindings are in ∆, their union should also be in ∆: ∀ θ, θ ′ ∈ dom (∆) : compatible ( θ, θ ′ ) ⇒ θ ⊔ θ ′ ∈ dom (∆) • U should be ‘submap-closed’ - every submap of a binding in ∆ should be in U :

  13. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆ • ∆ should be ‘union-closed’ - if two compatible bindings are in ∆, their union should also be in ∆: ∀ θ, θ ′ ∈ dom (∆) : compatible ( θ, θ ′ ) ⇒ θ ⊔ θ ′ ∈ dom (∆) • U should be ‘submap-closed’ - every submap of a binding in ∆ should be in U : This ensures that every partial binding will be related to the known larger bindings

  14. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆ • ∆ should be ‘union-closed’ - if two compatible bindings are in ∆, their union should also be in ∆: ∀ θ, θ ′ ∈ dom (∆) : compatible ( θ, θ ′ ) ⇒ θ ⊔ θ ′ ∈ dom (∆) • U should be ‘submap-closed’ - every submap of a binding in ∆ should be in U : ∀ θ ∈ dom (∆) , ∀ θ ′ ∈ Bind : θ ′ ⊏ θ ⇒ θ ′ ∈ dom ( U )

  15. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆ • ∆ should be ‘union-closed’ - if two compatible bindings are in ∆, their union should also be in ∆: ∀ θ, θ ′ ∈ dom (∆) : compatible ( θ, θ ′ ) ⇒ θ ⊔ θ ′ ∈ dom (∆) • U should be ‘submap-closed’ - every submap of a binding in ∆ should be in U : ∀ θ ∈ dom (∆) , ∀ θ ′ ∈ Bind : θ ′ ⊏ θ ⇒ θ ′ ∈ dom ( U ) • U should be ‘relevance-closed’ - every entry in U should point to the relevant bindings in ∆:

  16. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆ • ∆ should be ‘union-closed’ - if two compatible bindings are in ∆, their union should also be in ∆: ∀ θ, θ ′ ∈ dom (∆) : compatible ( θ, θ ′ ) ⇒ θ ⊔ θ ′ ∈ dom (∆) • U should be ‘submap-closed’ - every submap of a binding in ∆ should be in U : ∀ θ ∈ dom (∆) , ∀ θ ′ ∈ Bind : θ ′ ⊏ θ ⇒ θ ′ ∈ dom ( U ) • U should be ‘relevance-closed’ - every entry in U should point to the relevant bindings in ∆: This is the point of U . . . to point to the relevant known bindings

  17. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What should U be? • Let U : Bind → 2 Bind be such a map • We want U to help us update ∆ • ∆ should be ‘union-closed’ - if two compatible bindings are in ∆, their union should also be in ∆: ∀ θ, θ ′ ∈ dom (∆) : compatible ( θ, θ ′ ) ⇒ θ ⊔ θ ′ ∈ dom (∆) • U should be ‘submap-closed’ - every submap of a binding in ∆ should be in U : ∀ θ ∈ dom (∆) , ∀ θ ′ ∈ Bind : θ ′ ⊏ θ ⇒ θ ′ ∈ dom ( U ) • U should be ‘relevance-closed’ - every entry in U should point to the relevant bindings in ∆: ∀ θ, θ ′ ∈ dom (∆) : θ ⊑ θ ′ ⇒ θ ′ ∈ U ( θ )

  18. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools A refined algorithm 1 ∆ : [ Bind ⇁ State ]; U : Bind → 2 Bind 2 ∆ ← {⊥ → q 0 } ; U ← ∅ for any θ ∈ Bind foreach e ( θ ) ∈ τ in order do 3 if θ / ∈ dom (∆) then 4 foreach θ m ⊏ θ (big to small) do 5 if θ m ∈ dom (∆) then break; 6 defTo ( θ, θ m ) 7 foreach θ m ⊏ θ (big to small) do 8 foreach θ ′ ∈ U ( θ m ) compatible 9 with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 10 defTo ( θ ′ ⊔ θ, θ ′ ); foreach θ ′ ∈ { θ } ∪ U ( θ ) do 11 ∆( θ ′ ) ← σ (∆( θ ′ ) , e ) 12 13 return ∆

  19. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools A refined algorithm 1 ∆ : [ Bind ⇁ State ]; U : Bind → 2 Bind 2 ∆ ← {⊥ → q 0 } ; U ← ∅ for any θ ∈ Bind foreach e ( θ ) ∈ τ in order do 3 if θ / ∈ dom (∆) then 4 • Initialisation foreach θ m ⊏ θ (big to small) do 5 if θ m ∈ dom (∆) then break; 6 defTo ( θ, θ m ) 7 foreach θ m ⊏ θ (big to small) do 8 foreach θ ′ ∈ U ( θ m ) compatible 9 with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 10 defTo ( θ ′ ⊔ θ, θ ′ ); foreach θ ′ ∈ { θ } ∪ U ( θ ) do 11 ∆( θ ′ ) ← σ (∆( θ ′ ) , e ) 12 13 return ∆

  20. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools A refined algorithm 1 ∆ : [ Bind ⇁ State ]; U : Bind → 2 Bind 2 ∆ ← {⊥ → q 0 } ; U ← ∅ for any θ ∈ Bind foreach e ( θ ) ∈ τ in order do 3 if θ / ∈ dom (∆) then 4 • Initialisation foreach θ m ⊏ θ (big to small) do 5 • For each event if θ m ∈ dom (∆) then break; 6 defTo ( θ, θ m ) 7 foreach θ m ⊏ θ (big to small) do 8 foreach θ ′ ∈ U ( θ m ) compatible 9 with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 10 defTo ( θ ′ ⊔ θ, θ ′ ); foreach θ ′ ∈ { θ } ∪ U ( θ ) do 11 ∆( θ ′ ) ← σ (∆( θ ′ ) , e ) 12 13 return ∆

  21. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools A refined algorithm 1 ∆ : [ Bind ⇁ State ]; U : Bind → 2 Bind 2 ∆ ← {⊥ → q 0 } ; U ← ∅ for any θ ∈ Bind foreach e ( θ ) ∈ τ in order do 3 if θ / ∈ dom (∆) then 4 • Initialisation foreach θ m ⊏ θ (big to small) do 5 • For each event if θ m ∈ dom (∆) then break; 6 • If θ is not defined defTo ( θ, θ m ) 7 add it and ensure foreach θ m ⊏ θ (big to small) do 8 foreach θ ′ ∈ U ( θ m ) compatible closure properties 9 with θ do We will look at how if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 10 this is done next defTo ( θ ′ ⊔ θ, θ ′ ); foreach θ ′ ∈ { θ } ∪ U ( θ ) do 11 ∆( θ ′ ) ← σ (∆( θ ′ ) , e ) 12 13 return ∆

  22. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools A refined algorithm 1 ∆ : [ Bind ⇁ State ]; U : Bind → 2 Bind 2 ∆ ← {⊥ → q 0 } ; U ← ∅ for any θ ∈ Bind foreach e ( θ ) ∈ τ in order do 3 if θ / ∈ dom (∆) then 4 • Initialisation foreach θ m ⊏ θ (big to small) do 5 • For each event if θ m ∈ dom (∆) then break; 6 • If θ is not defined defTo ( θ, θ m ) 7 add it and ensure foreach θ m ⊏ θ (big to small) do 8 foreach θ ′ ∈ U ( θ m ) compatible closure properties 9 with θ do We will look at how if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 10 this is done next defTo ( θ ′ ⊔ θ, θ ′ ); • Update states for foreach θ ′ ∈ { θ } ∪ U ( θ ) do relevant bindings 11 ∆( θ ′ ) ← σ (∆( θ ′ ) , e ) 12 13 return ∆

  23. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Closing U • We only need to update U if 1 if θ / ∈ dom (∆) then θ is not in U foreach θ m ⊏ θ (big to small) do 2 if θ m ∈ dom (∆) then break ; 3 defTo ( θ, θ m ) 4 foreach θ m ⊏ θ (big to small) do 5 foreach θ ′ ∈ U ( θ m ) 6 compatible with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 7 defTo ( θ ′ ⊔ θ, θ ′ );

  24. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Closing U • We only need to update U if 1 if θ / ∈ dom (∆) then θ is not in U foreach θ m ⊏ θ (big to small) do 2 • We first find the maximal if θ m ∈ dom (∆) then break ; 3 binding in ∆ (might be ⊥ ) defTo ( θ, θ m ) 4 foreach θ m ⊏ θ (big to small) do 5 foreach θ ′ ∈ U ( θ m ) 6 compatible with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 7 defTo ( θ ′ ⊔ θ, θ ′ );

  25. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Closing U • We only need to update U if 1 if θ / ∈ dom (∆) then θ is not in U foreach θ m ⊏ θ (big to small) do 2 • We first find the maximal if θ m ∈ dom (∆) then break ; 3 binding in ∆ (might be ⊥ ) defTo ( θ, θ m ) 4 • Use it to add θ foreach θ m ⊏ θ (big to small) do 5 foreach θ ′ ∈ U ( θ m ) 6 compatible with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 7 defTo ( θ ′ ⊔ θ, θ ′ );

  26. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Closing U • We only need to update U if 1 if θ / ∈ dom (∆) then θ is not in U foreach θ m ⊏ θ (big to small) do 2 • We first find the maximal if θ m ∈ dom (∆) then break ; 3 binding in ∆ (might be ⊥ ) defTo ( θ, θ m ) 4 • Use it to add θ foreach θ m ⊏ θ (big to small) do 5 foreach θ ′ ∈ U ( θ m ) • Ensures closure properties 6 compatible with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 7 defTo ( θ ′ ⊔ θ, θ ′ );

  27. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Closing U • We only need to update U if 1 if θ / ∈ dom (∆) then θ is not in U foreach θ m ⊏ θ (big to small) do 2 • We first find the maximal if θ m ∈ dom (∆) then break ; 3 binding in ∆ (might be ⊥ ) defTo ( θ, θ m ) 4 • Use it to add θ foreach θ m ⊏ θ (big to small) do 5 foreach θ ′ ∈ U ( θ m ) • Ensures closure properties 6 compatible with θ do • Consider all submaps if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 7 defTo ( θ ′ ⊔ θ, θ ′ );

  28. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Closing U • We only need to update U if 1 if θ / ∈ dom (∆) then θ is not in U foreach θ m ⊏ θ (big to small) do 2 • We first find the maximal if θ m ∈ dom (∆) then break ; 3 binding in ∆ (might be ⊥ ) defTo ( θ, θ m ) 4 • Use it to add θ foreach θ m ⊏ θ (big to small) do 5 foreach θ ′ ∈ U ( θ m ) • Ensures closure properties 6 compatible with θ do • Consider all submaps if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 7 defTo ( θ ′ ⊔ θ, θ ′ ); • Attempt to create all unions

  29. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Closing U • We only need to update U if 1 if θ / ∈ dom (∆) then θ is not in U foreach θ m ⊏ θ (big to small) do 2 • We first find the maximal if θ m ∈ dom (∆) then break ; 3 binding in ∆ (might be ⊥ ) defTo ( θ, θ m ) 4 • Use it to add θ foreach θ m ⊏ θ (big to small) do 5 foreach θ ′ ∈ U ( θ m ) • Ensures closure properties 6 compatible with θ do • Consider all submaps if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 7 defTo ( θ ′ ⊔ θ, θ ′ ); • Attempt to create all unions • defTo 8 ... 9 defTo ( θ, θ ′ ): ∆( θ ) ← ∆( θ ′ ) 10 foreach θ ′′ ⊏ θ do 11 U ( θ ′′ ) ← U ( θ ′′ ) ∪ { θ } ;

  30. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Closing U • We only need to update U if 1 if θ / ∈ dom (∆) then θ is not in U foreach θ m ⊏ θ (big to small) do 2 • We first find the maximal if θ m ∈ dom (∆) then break ; 3 binding in ∆ (might be ⊥ ) defTo ( θ, θ m ) 4 • Use it to add θ foreach θ m ⊏ θ (big to small) do 5 foreach θ ′ ∈ U ( θ m ) • Ensures closure properties 6 compatible with θ do • Consider all submaps if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 7 defTo ( θ ′ ⊔ θ, θ ′ ); • Attempt to create all unions • defTo uses the state from 8 ... the maximal binding to 9 defTo ( θ, θ ′ ): initialise θ ∆( θ ) ← ∆( θ ′ ) 10 foreach θ ′′ ⊏ θ do 11 U ( θ ′′ ) ← U ( θ ′′ ) ∪ { θ } ;

  31. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Closing U • We only need to update U if 1 if θ / ∈ dom (∆) then θ is not in U foreach θ m ⊏ θ (big to small) do 2 • We first find the maximal if θ m ∈ dom (∆) then break ; 3 binding in ∆ (might be ⊥ ) defTo ( θ, θ m ) 4 • Use it to add θ foreach θ m ⊏ θ (big to small) do 5 foreach θ ′ ∈ U ( θ m ) • Ensures closure properties 6 compatible with θ do • Consider all submaps if ( θ ′ ⊔ θ ) / ∈ dom (∆) then 7 defTo ( θ ′ ⊔ θ, θ ′ ); • Attempt to create all unions • defTo uses the state from 8 ... the maximal binding to 9 defTo ( θ, θ ′ ): initialise θ ∆( θ ) ← ∆( θ ′ ) 10 foreach θ ′′ ⊏ θ do • Relevance-closes U for θ i.e. 11 U ( θ ′′ ) ← U ( θ ′′ ) ∪ { θ } ; adds it to the U -entry for all smaller existing bindings

  32. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Why is this better? • We only update U if we 1 foreach e ( θ ) ∈ τ in order do if θ / ∈ dom (∆) then haven’t seen the event’s 2 foreach θ m ⊏ θ (big to small) do objects before. 3 if θ m ∈ dom (∆) then break; 4 defTo ( θ, θ m ) 5 foreach θ m ⊏ θ (big to small) do 6 foreach θ ′ ∈ U ( θ m ) 7 compatible with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) 8 then defTo ( θ ′ ⊔ θ, θ ′ ); defTo ( θ, θ ′ ): foreach θ ′ ∈ { θ } ∪ U ( θ ) do 1 9 ∆( θ ) ← ∆( θ ′ ) ∆( θ ′ ) ← σ (∆( θ ′ ) , e ) 2 10 foreach θ ′′ ⊏ θ do 3 11 return ∆ U ( θ ′′ ) ← U ( θ ′′ ) ∪ { θ } ;

  33. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Why is this better? • We only update U if we 1 foreach e ( θ ) ∈ τ in order do if θ / ∈ dom (∆) then haven’t seen the event’s 2 foreach θ m ⊏ θ (big to small) do objects before. 3 if θ m ∈ dom (∆) then break; 4 Optimise Common Case defTo ( θ, θ m ) 5 foreach θ m ⊏ θ (big to small) do 6 foreach θ ′ ∈ U ( θ m ) 7 compatible with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) 8 then defTo ( θ ′ ⊔ θ, θ ′ ); defTo ( θ, θ ′ ): foreach θ ′ ∈ { θ } ∪ U ( θ ) do 1 9 ∆( θ ) ← ∆( θ ′ ) ∆( θ ′ ) ← σ (∆( θ ′ ) , e ) 2 10 foreach θ ′′ ⊏ θ do 3 11 return ∆ U ( θ ′′ ) ← U ( θ ′′ ) ∪ { θ } ;

  34. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Why is this better? • We only update U if we 1 foreach e ( θ ) ∈ τ in order do if θ / ∈ dom (∆) then haven’t seen the event’s 2 foreach θ m ⊏ θ (big to small) do objects before. 3 if θ m ∈ dom (∆) then break; 4 Optimise Common Case defTo ( θ, θ m ) 5 • Only iterate over small foreach θ m ⊏ θ (big to small) do 6 foreach θ ′ ∈ U ( θ m ) collections - we expect 7 U ( θ ) to be small compared compatible with θ do if ( θ ′ ⊔ θ ) / ∈ dom (∆) to dom (∆). 8 then defTo ( θ ′ ⊔ θ, θ ′ ); defTo ( θ, θ ′ ): foreach θ ′ ∈ { θ } ∪ U ( θ ) do 1 9 ∆( θ ) ← ∆( θ ′ ) ∆( θ ′ ) ← σ (∆( θ ′ ) , e ) 2 10 foreach θ ′′ ⊏ θ do 3 11 return ∆ U ( θ ′′ ) ← U ( θ ′′ ) ∪ { θ } ;

  35. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools How it works Recall the UnsafeMapIterator example used previously. update update use update createC createI use 1 2 3 4 5 createC (M 1 ,C 1 ) createC (M 1 ,C 2 ) createI (C 1 ,I 1 ) update (C 1 ) createI (C 2 ,I 2 ) use (I 1 )

  36. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools How it works We begin with ∆ containing the empty binding and initial state, and U empty Trace ∆ U (-,-,-) 1

  37. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools How it works Adding (M 1 ,-,-) and (-,C 1 ,-) to U allows us to find (M 1 ,C 1 ,-) in the future whenever we see an event using just C 1 or M 1 Trace ∆ U (-,-,-) 1 (-,-,-) (M 1 ,C 1 ,-) createC (M 1 ,C 1 ) (M 1 ,C 1 ,-) 2 (M 1 ,-,-) (M 1 ,C 1 ,-) (-,C 1 ,-) (M 1 ,C 1 ,-)

  38. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools How it works (M 1 ,C 2 ,-) is also added to the entry in U for (M 1 ,-,-) - this relates to the ‘above-of’ relation in the lattice we were building earlier Trace ∆ U (-,-,-) 1 (-,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) createC (M 1 ,C 1 ) (M 1 ,C 1 ,-) 2 createC (M 1 ,C 2 ) (M 1 ,C 2 ,-) 2 (M 1 ,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) (-,C 1 ,-) (M 1 ,C 1 ,-) (-,C 2 ,-) (M 1 ,C 2 ,-)

  39. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools How it works (-,C 1 ,I 1 ) is added from (-,-,-) (M 1 ,C 1 ,-) in U ((-,C 1 ,-)) is used to add (M 1 ,C 1 ,I 1 ) Trace ∆ U (-,-,-) 1 (-,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) createC (M 1 ,C 1 ) (M 1 ,C 1 ,-) 2 (-,C 1 ,I 1 )(M 1 ,C 1 ,I 1 ) createC (M 1 ,C 2 ) (M 1 ,C 2 ,-) 2 createI (C 1 ,I 1 ) (-,C 1 ,I 1 ) F (M 1 ,C 1 ,I 1 ) 3 (M 1 ,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) (M 1 ,C 1 ,I 1 ) (-,C 1 ,-) (M 1 ,C 1 ,-)(-,C 1 ,I 1 ) (M 1 ,C 1 ,I 1 ) (-,C 2 ,-) (M 1 ,C 2 ,-)(-,C 2 ,I 2 ) (-,-,I 1 ) (-,C 1 ,I 1 )(M 1 ,C 1 ,I 1 ) (M 1 ,C 1 ,-) (M 1 ,C 1 ,I 1 ) (-,C 1 ,I 1 ) (M 1 ,C 1 ,I 1 ) (M 1 ,-,I 1 ) (M 1 ,C 1 ,I 1 )

  40. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools How it works θ m is (-,-,-) therefore defTo ((-,C 1 ,-),(-,-,-)) sets ∆((-,C 1 ,-))=1 which is updated to F. As expected U ((-,C 1 ,-)) = { (M 1 ,C 1 ,-),(-,C 1 ,I 1 ),(M 1 ,C 1 ,I 1 ) } Trace ∆ U (-,-,-) 1 (-,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) createC (M 1 ,C 1 ) (M 1 ,C 1 ,-) 2 (-,C 1 ,I 1 )(M 1 ,C 1 ,I 1 ) createC (M 1 ,C 2 ) (M 1 ,C 2 ,-) 2 (-,C 1 ,-) createI (C 1 ,I 1 ) (-,C 1 ,I 1 ) F update (C 1 ) (M 1 ,C 1 ,I 1 ) 4 (M 1 ,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) (-,C 1 ,-) F (M 1 ,C 1 ,I 1 ) (-,C 1 ,-) (M 1 ,C 1 ,-)(-,C 1 ,I 1 ) (M 1 ,C 1 ,I 1 ) (-,C 2 ,-) (M 1 ,C 2 ,-) (-,-,I 1 ) (-,C 1 ,I 1 )(M 1 ,C 1 ,I 1 ) (M 1 ,C 1 ,-) (M 1 ,C 1 ,I 1 ) (-,C 1 ,I 1 ) (M 1 ,C 1 ,I 1 ) (M 1 ,-,I 1 ) (M 1 ,C 1 ,I 1 )

  41. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools How it works We consider (-,C 2 ,-) ⊏ (-,C 2 ,I 2 ) and use U ((-,C 2 ,-)) to add (M 1 ,C 2 ,I 2 ) Trace ∆ U (-,-,-) 1 (-,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) createC (M 1 ,C 1 ) (M 1 ,C 1 ,-) 2 (-,C 1 ,I 1 )(M 1 ,C 1 ,I 1 ) createC (M 1 ,C 2 ) (M 1 ,C 2 ,-) 2 (-,C 1 ,-)(-,C 2 ,I 2 ) createI (C 1 ,I 1 ) (-,C 1 ,I 1 ) F (M 1 ,C 2 ,I 2 ) update (C 1 ) (M 1 ,C 1 ,I 1 ) 4 (M 1 ,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) createI (C 2 ,I 2 ) (-,C 1 ,-) F (M 1 ,C 1 ,I 1 )(M 1 ,C 2 ,I 2 ) (-,C 2 ,I 2 ) F (-,C 1 ,-) (M 1 ,C 1 ,-)(-,C 1 ,I 1 ) (M 1 ,C 2 ,I 2 ) 3 (M 1 ,C 1 ,I 1 ) (-,C 2 ,-) (M 1 ,C 2 ,-)(-,C 2 ,I 2 ) (M 1 ,C 2 ,I 2 ) . . . . . . (-,-,I 2 ) (-,C 2 ,I 2 )(M 1 ,C 2 ,I 2 ) (M 1 ,C 2 ,-) (M 1 ,C 2 ,I 2 ) (-,C 2 ,I 2 ) (M 1 ,C 2 ,I 2 ) (M 1 ,-,I 2 ) (M 1 ,C 2 ,I 2 )

  42. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools How it works We can use the (-,-,I 1 ) entry in U to find the two relevant bindings. Previously we would have had to compare (-,-,I 1 ) with every binding in ∆ Trace ∆ U (-,-,-) 1 (-,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) createC (M 1 ,C 1 ) (M 1 ,C 1 ,-) 2 (-,C 1 ,I 1 )(M 1 ,C 1 ,I 1 ) createC (M 1 ,C 2 ) (M 1 ,C 2 ,-) 2 (-,C 1 ,-)1-¿(-,C 2 ,I 2 ) createI (C 1 ,I 1 ) (-,C 1 ,I 1 ) F (M 1 ,C 2 ,I 2 )(-,-,I 1 ) update (C 1 ) (M 1 ,C 1 ,I 1 ) 5 (M 1 ,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) createI (C 2 ,I 2 ) (-,C 1 ,-) F (M 1 ,C 1 ,I 1 )(M 1 ,C 2 ,I 2 ) use (I 1 ) (-,C 2 ,I 2 ) F (-,C 1 ,-) (M 1 ,C 1 ,-)(-,C 1 ,I 1 ) (M 1 ,C 2 ,I 2 ) 3 (M 1 ,C 1 ,I 1 ) (-,C 2 ,-) (M 1 ,C 2 ,-)(-,C 2 ,I 2 ) (M 1 ,C 2 ,I 2 ) (-,-,I 1 ) (-,C 1 ,I 1 )(M 1 ,C 1 ,I 1 ) (M 1 ,C 1 ,-) (M 1 ,C 1 ,I 1 ) . . . . . .

  43. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools How it works Trace ∆ U (-,-,-) 1 (-,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) createC (M 1 ,C 1 ) (M 1 ,C 1 ,-) F (-,C 1 ,I 1 )(M 1 ,C 1 ,I 1 ) createC (M 1 ,C 2 ) (M 1 ,C 2 ,-) 2 (-,C 1 ,-)(-,C 2 ,I 2 ) createI (C 1 ,I 1 ) (-,C 1 ,I 1 ) F (M 1 ,C 2 ,I 2 )(-,-,I 1 ) update (C 1 ) (M 1 ,C 1 ,I 1 ) 5 (M 1 ,-,-) (M 1 ,C 1 ,-)(M 1 ,C 2 ,-) createI (C 2 ,I 2 ) (-,C 1 ,-) F (M 1 ,C 1 ,I 1 )(M 1 ,C 2 ,I 2 ) use (I 1 ) (-,C 2 ,I 2 ) F (-,C 1 ,-) (M 1 ,C 1 ,-)(-,C 1 ,I 1 ) (M 1 ,C 2 ,I 2 ) 3 (M 1 ,C 1 ,I 1 ) (-,C 2 ,-) (M 1 ,C 2 ,-)(-,C 2 ,I 2 ) (M 1 ,C 2 ,I 2 ) (-,-,I 1 ) (-,C 1 ,I 1 )(M 1 ,C 1 ,I 1 ) (M 1 ,C 1 ,-) (M 1 ,C 1 ,I 1 ) (-,C 1 ,I 1 ) (M 1 ,C 1 ,I 1 ) (M 1 ,-,I 1 ) (M 1 ,C 1 ,I 1 ) (-,-,I 2 ) (-,C 2 ,I 2 )(M 1 ,C 2 ,I 2 ) (M 1 ,C 2 ,-) (M 1 ,C 2 ,I 2 ) (-,C 2 ,I 2 ) (M 1 ,C 2 ,I 2 ) (M 1 ,-,I 2 ) (M 1 ,C 2 ,I 2 )

  44. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Other kinds of Indexing • The idea here was to lookup the relevant bindings using the values in an event • There are two other possibilities: • State-based. Associate states with the bindings in those states (only beneficial in suffix-matching) • Symbol-based. Use the event names to find the bindings in states where those events have transitions that cause the binding to change state. • It is possible to combine the kinds of indexing • tracematches combines State and Value • MarQ combines Symbol and Value

  45. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Distributed Indexing • The idea is to use AspectJ weaving to distribute indexing directly into the relevant objects • The simple idea: single object indexing • Instead of having a map relating objects to the relevant states, add that relevant state directly into the object • For multi-object indexing a master object is chosen per parameter list and the index distributed into that object. The details depend on how indexing is organised generally. • The disadvantages of this approach are • Restricted to online monitoring of Java programs using AspectJ • The amount of instrumentation significantly increases • It may require modifying libraries (e.g. the code of Map)

  46. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools The Hierarchical Fragment • The recent work of those behind the Mufin tool has introduced a new indexing technique • They noticed that most of the properties used in benchmarks+papers have a certain property that when multiple objects are monitored one is created from the other • This leads to a fragment of the slicing theory (which I call the hierarchical fragment) • It also leads to a (very) efficient indexing technique that organises everything in terms of this hierarchy. Briefly, • Monitored objects are extended to point to the monitored objects below them in the hierarchy • These objects are organised into sets according to the state the combination of objects is in • This allows monitoring steps to be implemented using union-find techniques

  47. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Optimising Parametric Trace Slicing In this part we will consider: • Extensions to the expressiveness of the theory • Indexing techniques to improve efficiency • Notions of redundancy that reduce the work required • Other pragmatic issues.

  48. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What is Redundant? • Looking at the algorithm we have so far, where can we find redundancies ?

  49. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What is Redundant? • Looking at the algorithm we have so far, where can we find redundancies ? • We process each event • With respect to existing bindings • Work is proportional to the number of each • We want to find when we can ignore an event • We want to find when we do not need to create, or can remove, a binding

  50. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Garbage • When monitoring a garbage-collected language like Java there are two concerns with respect to garbage • The monitoring can cause memory-leaks • Some bindings may necessarily never lead to matches due to garbage values i.e. they are now redundant • This was originally noted in early work on tracematches • The typical solution is to use weak references to refer to monitored objects • A weak reference in Java is ignored by garbage collection • But we need to be careful...

  51. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Going Wrong with Weak References • Consider the property every file that is opened must be closed • What if a monitored file is in the open state and becomes garbage? • Removing any reference to the file from the monitoring state would miss this violation • It is important to detect the occurrence of garbage collection and treat the binding appropriately (see co-enable sets) • Early work got this wrong (always read the most recent papers!)

  52. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Other Redundancy Issues There are other notions of redundancy that can reduce the amount of work that you need to do. • creation events : if every matching trace starts with a subset of events then start monitoring on these events only • enable sets : for each event detect the set of other events that must occur first for that event to make a difference. We call such a the enable set . For efficiency reasons we can approximate events by the parameters they bind. • co-enable sets : a symmetric notion for removing bindings. Detect the parameters needed to exist to reach a goal state. If they all become garbage then the binding can be removed. Enable sets are a special instance of a more general notion of redundancy where an event is considered redundant if ignoring it always gives the same verdict . Easy to compute but not yet clear how to apply this notion efficiently in general.

  53. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools An Example of (co)Enable Sets • creation event: without a createC we don’t need to record anything • enable set: unless m and c are bound, we can ignore i • coEnable set: if i is garbage collected then we cannot reach state 5 update ( m ) use ( i ) update ( m ) createC ( m , c ) createI ( c , i ) update ( m ) use ( i ) 1 2 3 4 5

  54. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Optimising Parametric Trace Slicing In this part we will consider: • Extensions to the expressiveness of the theory • Indexing techniques to improve efficiency • Notions of redundancy that reduce the work required • Other pragmatic issues.

  55. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Other Pragmatic Issues • Monitoring multiple properties • What if we want to monitor many (similar) properties at the same time? • There exists work on sharing parts of the monitoring (and results on what not to share) • Signal and Continue Monitoring • Note we often talk about success and failure, but many systems talk about matches • Slicing gives a nice signal-and-continue approach where sets of parameters can fail in separation • Explaining Failures • If we get a violation how do we report it, what information can we give? • Tracking the code points that generated events is expensive • Signal-and-continue is a coarse-grained notion of multiple failure reporting

  56. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Summary • We can have a more expressive slicing-based language than JavaMOP • Indexing is important. The most prominent approach is value-based • Reducing expressiveness can lead to more efficient indexing • Removing redundancies is important. Dealing with garbage is very important for online monitoring • Ongoing research: comparing slicing to other languages • Can we automatically translate between them? • Can we transfer algorithm optimisations i.e. indexing and notions of redundancy?

  57. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Static Partial Evaluation of Monitors In this part we will • Motivate the use of static analysis through some examples • Quickly revisit what pointer analysis is • Outline the CLARA architecture • Describe four static whole-program analyses

  58. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Static Partial Evaluation of Monitors In this part we will • Motivate the use of static analysis through some examples • Quickly revisit what pointer analysis is • Outline the CLARA architecture • Describe four static whole-program analyses

  59. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } System.out.println("There are "+map.keySet().size()+ " unique keys"); }

  60. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A No. There are no iterators created. public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } System.out.println("There are "+map.keySet().size()+ " unique keys"); }

  61. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } Iterator iter = Arrays.asList(args).iterator(); while(iter.hasNext()){ String arg = iter.next(); if(map.containsKey(Integer.parseInt(arg)) && map.containsValue(arg)){ System.out.println(arg+" is a key and value"); } } }

  62. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A No. No one slice contains all necessary events. public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } Iterator iter = Arrays.asList(args).iterator(); while(iter.hasNext()){ String arg = iter.next(); if(map.containsKey(Integer.parseInt(arg)) && map.containsValue(arg)){ System.out.println(arg+" is a key and value"); } } }

  63. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } Iterator iter = map.keySet().iterator(); while(iter.hasNext()){ Integer key = iter.next(); System.out.println(key+" \t:\t"+map.get(key)); } }

  64. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A No. There are no updates after iteration. public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } Iterator iter = map.keySet().iterator(); while(iter.hasNext()){ Integer key = iter.next(); System.out.println(key+" \t:\t"+map.get(key)); } }

  65. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } Iterator iter = map.valueSet().iterator(); while(iter.hasNext()){ Integer key = iter.next(); if(map.containsKey(Integer.parseInt(arg))){ map.remove(key); } } }

  66. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A Maybe. We cannot tell statically. public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } Iterator iter = map.valueSet().iterator(); while(iter.hasNext()){ Integer key = iter.next(); if(map.containsKey(Integer.parseInt(arg))){ map.remove(key); } } }

  67. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } Iterator iter = map.valueSet().iterator(); map.insert(0,"empty"); while(iter.hasNext()){ Integer key = iter.next(); if(map.containsKey(Integer.parseInt(arg))){ map.remove(key); } } }

  68. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Motivating Static Analysis Q Does the following violate the UnsafeMapIterator property? A Yes. This insertion must violate the property. public static void main(String args[]){ Map<Integer,String> map = new HashMap<>(); for(int i=0; i+1<args.length;i+=2){ map.insert(Integer.parseInt(args[i]),args[i+1]); } Iterator iter = map.valueSet().iterator(); map.insert(0,"empty"); while(iter.hasNext()){ Integer key = iter.next(); if(map.containsKey(Integer.parseInt(arg))){ map.remove(key); } } }

  69. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools What do we want? • To reduce the work required at runtime • We already established this involves deciding which events to safely ignore • In the context of AspectJ this removes removing joinpoint s • Static partial evaluation is about statically deciding which events do not need to be recorded. In the limit we can decide if the property necessarily does or does not hold

  70. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools A Quick Guide to Static Analysis • Intra vs Inter procedural • Intraprocedural considers functions/methods in separation. Assumes other procedures exhibit all possible behaviours. • Interprocedural considers whole program (full call graph) • Flow sensitive/insensitive. • sensitive: considers the order of statements • insensitive: considers the statements as unordered • Context sensitive/insensitive (interprocedural only). • sensitive: keeps track of the context of procedure calls i.e. its calling parameters • insensitive; the set of all contexts is considered • Heap abstraction. • For heap-based languages (e.g. Java) it is necessary to model dynamically allocated objects • This is typically done by allocation sites ( new ) where each site gives a representative object

  71. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Static Partial Evaluation of Monitors In this part we will • Motivate the use of static analysis through some examples • Quickly revisit what pointer analysis is • Outline the CLARA architecture • Describe four static whole-program analyses

  72. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Pointer Analysis • The aim of points-to analysis is to compute for a variable x the superset of representative objects that x ( may/must ) point to during execution • There is a trade-off between precision and efficiency • Imprecision may overapproximate i.e. may-points-to • Imprecision may underapproximate i.e. must-points-to • The imprecision can come from different sources (e.g. flow insensitivity, approximating recursion)

  73. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools By Some Examples flow-insensitive may points to( x ) = { 1 , 2 } A x; void f () {x = new A(); }// (1) void g() {x = new A(); }// (2) void main() { f (); g (); print (x); }

  74. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools By Some Examples flow-insensitive may points to( x ) = { 1 , 2 } flow-sensitive may points to( x ) = { 2 } A x; void f () {x = new A(); }// (1) void g() {x = new A(); }// (2) void main() { f (); g (); print (x); }

  75. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools By Some Examples intraprocedural analysis must assume the iterator calls may return the same values, it may return anything x = c. iterator (); // (3) y = c. iterator (); // (4) ...

  76. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools By Some Examples interprocedural context-insensitive may points to( x ) = { 5 } may points to( y ) = { 5 } x = c. iterator (); // (3) y = c. iterator (); // (4) ... public Iterator iterator () { return new HashSetIterator (); // (5) }

  77. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools By Some Examples interprocedural context-sensitive may points to( x ) = {� 3 , 5 �} may points to( y ) = {� 4 , 5 �} x = c. iterator (); // (3) y = c. iterator (); // (4) ... public Iterator iterator () { return new HashSetIterator (); // (5) }

  78. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools By Some Examples For may points to we merge object representatives at merge points. Note that the points-to set of a variable changes during execution, analysis is with respect to a statement. i = c1. iterator (); // 1 j = i; if (p) i = c2. iterator (); // 2 // 3 = 1, 2 j = i; print (j );

  79. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Static Partial Evaluation of Monitors In this part we will • Motivate the use of static analysis through some examples • Quickly revisit what pointer analysis is • Outline the CLARA architecture • Describe four static whole-program analyses • Give some further context as the above is relatively lightweight

  80. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools CLARA • A framework developed by Eric Bodden (with collaborators along the way) for his PhD thesis (2009) • The main work to date on static partial evaluation of monitors • Stands for ComiLe-time Approximation of Runtime Analyses • The basic underlying ideas are: • Take monitors described using AspectJ aspects • Abstract the notion of finite-state monitors as dependency state machines and use to annotate aspects • Apply three staged static analyses to remove instrumentation points shown to be ineffectual • Apply a static analysis that detects certain violations

  81. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Architecture

  82. Optimising Parametric Trace Slicing Static Partial Evaluation of Monitors Evaluating Runtime Monitoring Tools Dependency State Machine • CLARA assumes the monitor admits a finite state machine capturing dependencies between pointcuts • It calls such machines dependency state machines (DSM) • These machines should define the matching (bad) behaviours • But they are just used for static analysis and do not include any actions to be taken on a match • DSM are non-deterministic to support multiple matches i.e. every trace prefix leading to a final state should be matched (important when deciding what joinpoints to drop)

Recommend


More recommend